US DOJ recovers more than half of ransomware payment of Colonial Pipeline hack


In May this year, the United States fuel supplier Colonial Pipeline paid $4.4 million in Bitcoin to the DarkSide hacking group to free its servers from file-encrypting malware.


Now, the US Department of Justice has issued a media update stating that a majority of the ransom payment was recovered from the wallet of the DarkSide ransomware group, and that there is a high probability the full amount can also be recovered by this weekend if all goes according to plan.


According to details available to Cybersecurity Insiders, the Biden administration established a special task force last month to track down those involved in hacking Colonial Pipeline and digitally disrupting its operations through a cyber attack.


And surprisingly, the task force tracked down the ransom payment made to the DarkSide hackers and managed to recover the money from the e-wallet maintained by the Russia-based gang.


US officials report that $3 million was recovered from the wallets, with an expectation to recover the full amount in Bitcoin by this month's end, said Stephanie Hinds, the attorney at the Northern District of California, from where the warrant to seize the crypto was issued.


Note: In general, there is a perception among cybercriminals that payments made in cryptocurrencies such as Bitcoin and Monero are hard to trace. But the situation has changed drastically in the past two years, as some companies have emerged with software that can track down even payments made on a blockchain.


And compared with data recovery costs, paying a ransom makes economic sense these days, so most ransomware victims are showing interest in paying the demanded sum to hackers rather than recovering the locked-up data from backups.


Thus, despite repeated warnings from law enforcement agencies like the FBI and the UK's NCSC not to pay the ransom, as it encourages crime, many victims of file-encrypting malware are making a payment, thus encouraging the criminals to launch more such attacks to make quick money.


Therefore, do you think paying the ransom to hackers makes complete sense?

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
